[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnu-arch-users] Re: WebDAV

From: Eric S. Johansson
Subject: [Gnu-arch-users] Re: WebDAV
Date: Fri, 09 Apr 2004 14:00:37 -0400
User-agent: Mozilla Thunderbird 0.5 (Windows/20040207)

Dustin Sallings wrote:

I just don't get this at all. This is the configuration on my arch server (stock Mac OS X Apache):

<IfModule mod_dav.c>
    DavLockDB /tmp/dav.lock

    Alias /arch /home/web/arch

    <Location /arch/>
        Dav On

    (I've also got a .htaccess in that directory for authentication).

OK, this looks fairly simple. In its raw form it's probably read/write without authentication from your comments about .htaccess. first question: how can we make it more failsafe to prevent unintended unrestricted write access? Second, what authentication systems can we use that aren't so fragile as HTTP basic authentication? Can we use digest?

it would be preferable if the webdav methods supported some form of cookie system. something that will support a stronger authentication technique:

permission variations that should be documented:

read any
read any write some
read some write some

(because if we don't, you know people will ask)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]